摘要:1.0.8 does not have CSRF check when uploading files, which could allow attackers to make logged in admins upload files (including HTML containing JS code for user......1.0.8 does not have CSRF check when uploading files, which could allow attackers to make logged in admins upload files (including HTML containing JS code for user
(关于单例双重检测,附上一篇文章,写的不错:https://jianshu/p/45885e50d1c4) 1publicstaticsynchronized
( guan yu dan li shuang zhong jian ce , fu shang yi pian wen zhang , xie de bu cuo : h t t p s : / / w w w . j i a n s h u . c o m / p / 4 5 8 8 5 e 5 0 d 1 c 4 ) 1 p u b l i c s t a t i c s y n c h r o n i z e d < T > E x t e n s i o n L o a d e r < T > i n i t E x t e n s i o n L o a d e r ( . . .
∩^∩
I tried a few suggestions and the found this site, sorry I messed with things and didn't see this sooner :/. I don't think I got everything removed
发表评论